CVE-2017-16763

CRITICAL

Confire 0.2.0 - Remote Code Execution via YAML Parsing in config.py


Description

An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Because the user-specific configuration is loaded from "~/.confire.yaml" with the yaml.load function, the YAML parser can construct arbitrary Python objects and execute arbitrary Python code, resulting in command execution. An attacker who can insert Python object tags into the loaded YAML can trigger this vulnerability.
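The loading pattern described above next to its hardened form, as an added example using PyYAML (not Confire's own code). The config text, the `platform.system` tag and the function names are constructed for illustration; the fix is the standard one of replacing `yaml.load` with `yaml.safe_load`, which refuses every `python/*` tag.

```python
"""Added example: unsafe yaml.load of a user config versus yaml.safe_load."""
import os
import platform
import yaml

# Constructed sample of a per-user config. The tag here only calls
# platform.system(), but the same tag syntax can name any importable callable,
# which is the bug class behind CVE-2017-16763.
TAGGED_CONFIG = "name: demo\nplatform: !!python/object/apply:platform.system []\n"
PLAIN_CONFIG = "name: demo\ndebug: true\n"

# PyYAML >= 5.1 calls the arbitrary-object loader UnsafeLoader; older releases
# only have Loader, which constructs python/* tags in the same way.
_UNSAFE_LOADER = getattr(yaml, "UnsafeLoader", yaml.Loader)


def load_user_config_unsafe(text):
    """The vulnerable pattern: the full loader builds whatever Python object
    the document names, so parsing ~/.confire.yaml runs code at load time."""
    return yaml.load(text, Loader=_UNSAFE_LOADER)


def load_user_config_safe(text):
    """Hardened loader: safe_load yields only scalars, lists and dicts and
    raises ConstructorError on any python/* tag."""
    return yaml.safe_load(text)


def safe_loader_rejects(text):
    """True if the hardened loader refuses the document."""
    try:
        load_user_config_safe(text)
    except yaml.constructor.ConstructorError:
        return True
    return False


def unsafe_loader_runs_tag():
    """True if the unsafe loader actually invoked the tagged callable."""
    return load_user_config_unsafe(TAGGED_CONFIG)["platform"] == platform.system()


def load_user_config_file(path=None):
    """Hardened replacement for the per-user config step; no file, empty config."""
    path = path or os.path.expanduser("~/.confire.yaml")  # path from the advisory
    if not os.path.exists(path):
        return {}
    with open(path, "r", encoding="utf-8") as fh:
        return load_user_config_safe(fh.read())


if __name__ == "__main__":
    print("unsafe loader executed tag:", unsafe_loader_runs_tag())
    print("safe loader rejected tag:", safe_loader_rejects(TAGGED_CONFIG))
    print("safe loader on plain config:", load_user_config_safe(PLAIN_CONFIG))
```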


Scores

CVSS v3 9.8
EPSS 0.0444
EPSS Percentile 90.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (2)
confire_project/confire 0.2.0
pypi/confire 0 PyPI
Published Nov 10, 2017
Tracked Since Feb 18, 2026